Back
WordPress Shapely theme <= 1.2.8 - Unauthenticated Function Injection vulnerability
- Product
- Shapely
- Description
- Unauthenticated Function Injection vulnerability found by Jerome Bruandet (NinTechNet) in WordPress Shapely theme (versions <= 1.2.8).
- Solution
- Update the WordPress Shapely theme to the latest available version (at least 1.2.9).
- Classification
-
Type Unknown
OWASP Top 10 A1: Injection
- References
-
Theme changelog
Vulnerability details
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 1.2.8
Fixed In 1.2.9
- Disclosure date
- 2020-10-01
- Credits
- Jerome Bruandet (NinTechNet)